| 1. |
OpenBSD Journal: A resource for the OpenBSD community
|
| |
In what can only be called a great stride forward in routing security, Sebastian Benoit (benno@) announced the availability of rpki-client version 9.0.The announcement reads, Subject: rpki-client 9.0 released From: Sebastian Benoit <benno openbsd ! org> Date: 2024-03-03 17:24:06 rpki-client 9.0 has just been released and will be available in the rpki-client directory of any OpenBSD mirror soon.
|
| |
undeadly.org/cgi
|
| |
|
| 2. |
20 years since "and we're just starting": undeadly.org turns 20 (2024 ...
|
| |
Contributed by Peter N. M. Hansteen on 2024-04-07 from the 20 years a Puffyist dept. It's been 20 years since the first undeadly.org post appeared. At that point in our history, we had been enjoying frequent updates to the OpenBSD Journal at the deadly.org site for more than four years, and most of us thought it was an April's Fool prank when ...
|
| |
undeadly.org/cgi?action=article;sid=20240409044953
|
| |
|
| 3. |
OpenBSD 7.0 released
|
| |
Contributed by rueda on 2021-09-20 from the Undeadly-SYNs dept. The OpenBSD project has released OpenBSD 7.0 , the project's 51 st release. As usual, the release page offers highlights, installation and upgrade instructions, as well as links to other resources such as the detailed changelog. Notable improvements include, but are not limited to:
|
| |
undeadly.org/cgi?action=article;sid=20211014144620
|
| |
|
| 4. |
OpenSSH 9.2/9.2p1 released! - undeadly.org
|
| |
OpenSSH 9.2 was released on 2023-02-02. It is available from the mirrors listed at https://www.openssh.com/. As should be of no surprise to undeadly readers, OpenSSH ...
|
| |
undeadly.org/cgi?action=article;sid=20230202205608
|
| |
|
| 5. |
OpenBSD 7.4 Released
|
| |
The OpenBSD project has announced the release of OpenBSD 7.4, the 55 th release of the OpenBSD operating system.. The new release contains a number of innovations and improvements across a number of areas, including Mandatory enforcement of indirect branch targets [See earlier report].; viogpu(4), a VirtIO GPU driver [See earlier report]. vmd(8) has moved to a multi-process model for virtio(4 ...
|
| |
undeadly.org/cgi?action=article&sid=20231016130614&ref=upstract.com
|
| |
|
| 6. |
OpenBSD KDE Status Report
|
| |
OpenBSD has managed to drop KDE3 and KDE4 in the 6.8 -> 6.9 release cycle. That makes me very happy because it was a big piece of work and long discussions. This of course brings questions: Kde Plasma 5 package missing. After half a year of work, I managed to successfully update the Qt5 stack to the last LTS version 5.15.2. On the whole, the most work was updating QtWebengine.
|
| |
undeadly.org/cgi?action=article;sid=20210124113220
|
| |
|
| 7. |
Introducing dhcpleased(8)
|
| |
Now enabled by default on OpenBSD -current is dhcpleased (8), a dynamic host configuration protocol daemon written by florian@ (Florian Obser), who spoke with us about his work: I suppose this is either the KAME project 's fault, or if we don't want to go that far back, Theo's fault. At g2k16 he floated the idea of a network configuration daemon.
|
| |
undeadly.org/cgi?action=article;sid=20210722072359
|
| |
|
| 8. |
OpenBSD may soon gain further memory protections: immutable userland ...
|
| |
In a September 1st post to tech@ titled immutable userland mappings, Theo de Raadt (deraadt@) gave us a preview of code that may soon land in -current.The message leads in, In the last few years, I have been improving the strictness of userland memory layout. An example is the recent addition of MAP_STACK and msyscall().
|
| |
undeadly.org/cgi?action=article;sid=20220902100648
|
| |
|
| 9. |
About the OpenBSD Journal
|
| |
OpenBSD Journal. Home Archives About Submit Story Create Account Login. About the OpenBSD Journal Purpose. The OpenBSD Journal is a site dedicated to providing news and information of interest to members of the OpenBSD community.. The site is run by a small group of volunteers. Although several OpenBSD developers are registered users of the site, and the site receives frequent contributions ...
|
| |
undeadly.org/cgi?action=about
|
| |
|
| 10. |
OpenBGPD 7.5 released
|
| |
We have released OpenBGPD 7.5, which will be arriving in the OpenBGPD directory of your local OpenBSD mirror soon. This release includes the following changes to the previous release: Implement RFC 9234 - Route Leak Prevention and Detection Using Roles in UPDATE and OPEN Messages. Full support for RFC 7911 - Advertisement of Multiple Paths in BGP .
|
| |
undeadly.org/cgi?action=article;sid=20220716101930
|
| |
|
| 11. |
Initial support for guided disk encryption in the installer
|
| |
The OpenBSD installer now has basic support for configuring disk encryption during the regular installation process. Previously, disk encryption needed to be set up manually by dropping to the shell from the installer. Initial support, likely to be expanded upon, was committed by Klemens Nanni ( kn@) on March 7, 2023 . The commit reads,
|
| |
undeadly.org/cgi?action=article;sid=20230308063109
|
| |
|
| 12. |
OpenSSH 9.3p2 released
|
| |
OpenSSH 9.3p2 released. Contributed by grey on 2023-07-19 from the It's Wednesday, but you should still patch this now. dept. As announced by Damien Miller: "We've just made an OpenSSH release to fix a remotely exploitable RCE vulnerability in ssh-agent's PKCS#11 support (CVE-2023-38408).
|
| |
undeadly.org/cgi?action=article;sid=20230719180438
|
| |
|
| 13. |
Next steps toward mimmutable, from deraadt@
|
| |
In a recent message to the tech mailing list, Theo de Raadt (deraadt@) summarized the state of the new memory protections work.The thread also includes a followup from Otto Moerbeek (otto@) on consequent changes to the memory allocation mechanisms.. Theo writes, From: "Theo de Raadt" <deraadt openbsd ! org> Date: Fri, 18 Nov 2022 03:10:05 +0000 To: openbsd-tech Subject: More on mimmutable ...
|
| |
undeadly.org/cgi?action=article;sid=20221120115616
|
| |
|
| 14. |
Index for 2022 - undeadly.org
|
| |
OpenBSD Journal. Home Archives About Submit Story Create Account Login. Archive Index for 2022. January. DRM updated; LibreSSL update; A proof of concept: running OpenBSD on the PinePhone; February. New 'Reckless guide to OpenBSD' published
|
| |
undeadly.org/cgi?action=archive;y=2022
|
| |
|
| 15. |
New versions of LibreSSL released
|
| |
The LibreSSL project has announced the release of versions 3.6.3 and 3.7.3, and (development) version 3.8.0 of the software. The announcement for versions 3.6.3 and 3.7.3 reads: We have released LibreSSL 3.6.3 and 3.7.3, which will be arriving in the LibreSSL directory of your local OpenBSD mirror soon. They include the following fixes: * Bug fix - Hostflags in the verify parameters would not ...
|
| |
undeadly.org/cgi?action=article;sid=20230528115900
|
| |
|
| 16. |
EuroBSDCon 2023 presentations
|
| |
Coimbra! dept. EuroBSDCon 2023 has now ended, and slides for many of the OpenBSD developer presentations are now available in the usual place. Video of the presentations can be expected somewhat later. Slides from the tutorial "Network Management with the OpenBSD Packet Filter Toolset" are also available. (Comments are closed)
|
| |
undeadly.org/cgi?action=article;sid=20230919063240
|
| |
|
| 17. |
Help the OpenBSD Foundation Reach Its 2022 Funding Goal
|
| |
The OpenBSD Foundation, which is central to funding the OpenBSD project, needs your help to reach its 2022 Fundraising Goal of $300,000. At the time of writing, the amount raised in 2022 stands at a little over 50% of the stated goal. The Foundation needs your help to sustainably fund the project. Please head over to the Foundation's donations ...
|
| |
undeadly.org/cgi?action=article;sid=20221202062601
|
| |
|
| 18. |
HEADS UP: ntpd changing
|
| |
The ntpd options -s and -S are going to be removed soon and at startup. with print: -s option no longer works and will be removed soon. Please reconfigure to use constraints or trusted servers. Probably after 6.7 we'll delete the warning. Maybe for 6.8 we'll remove. -s and -S from getopt, and starting with those options will fail.
|
| |
undeadly.org/cgi?action=article;sid=20191111075815
|
| |
|
| 19. |
RSA/SHA1 signature type disabled by default in OpenSSH
|
| |
In a message to tech@ Damien Miller (djm@) explained the consequences of his recent commit: RSA/SHA1, a.k.a the "ssh-rsa" signature type is now disabled by default in OpenSSH. While The SSH protocol confusingly uses overlapping names for key and signature algorithms, this does not stop the use of RSA keys and there is no need to regenerate "ssh-rsa" keys - most servers released in the last ...
|
| |
undeadly.org/cgi?action=article;sid=20210830113413
|
| |
|
| 20. |
Soft updates (softdep) disabled for future VFS work
|
| |
A low key leak from the ongoing g2k23 hackathon comes the news that soft updates (aka softdep) will, for now, be a no-op on OpenBSD-current.. The commit message by Bob Beck (beck@) reads, . From: Bob Beck <beck cvs ! openbsd ! org> Date: 2023-07-05 15:13:28 CVSROOT: /cvs Module name: src Changes by: beck@cvs.openbsd.org 2023/07/05 09:13:28 Modified files: sys/kern : vfs_syscalls.c sys/sys ...
|
| |
undeadly.org/cgi?action=article;sid=20230706044554
|
| |
|
| 21. |
Wayland on OpenBSD
|
| |
Matthieu Herrb (matthieu@) has written some notes on his work at the (recently-concluded) g2k23 hackathon in Tallinn, Estonia.His article, Wayland on OpenBSD, starts: These are my notes from experimenting with building Wayland bits on OpenBSD during g2k23 in Tallinn… Thanks to the OpenBSD foundation for organizing this event.
|
| |
undeadly.org/cgi?action=article;sid=20230711113344
|
| |
|
| 22. |
OpenBSD Developer: Ted Unangst
|
| |
OpenBSD Developer: Ted Unangst. Date: 2015-10-25. On October 18th 20 years ago the first commits to the OpenBSD project landed in the CVS repository. Today on the anniversary the beastie.pl team invites all readers to a series of interviews that our staff conducted with the project developers. We continue with our eight interview - Ted Unangst. 1.
|
| |
undeadly.org/features/2015/10/beastie_pl_interviews/ted-unangst.html
|
| |
|
|
|